A Cloud-based Mobile Privacy Protection System with Efficient Cache Mechanism

People increasingly rely on their mobile devices and use them to store a lot of data. Some of the data are personal and private, whose leakage leads to users\u27 privacy harm. Meanwhile, mobile apps and services over-collect users\u27 data due to the coarse-grained access control approach utilized by the mobile operating system. We propose a cloud-based approach to provide fine-grained access control toward data requests. We add privacy level, as a new metadata, to data and manage the storage using different policies correspondingly. However, the proposed approach leads to performance decreases because of the extra communication cost. We also introduce a novel cache mechanism to eliminate the extra cost by storing non-private and popular data on the mobile device. As part of our cache mechanism, we design a user-preference-based ordering method along with the principle of locality to determine how popular some data are. We also design a configurable refresh policy to improve the overall performance. Finally, we evaluate our approach using a real phone in a simulated environment. The results show that our approach can keep the response time of all data requests within a reasonable range and the cache mechanism can further improve the performance

5G Security Challenges and Solutions: A Review by OSI Layers

The Fifth Generation of Communication Networks (5G) envisions a broader range of servicescompared to previous generations, supporting an increased number of use cases and applications. Thebroader application domain leads to increase in consumer use and, in turn, increased hacker activity. Dueto this chain of events, strong and efficient security measures are required to create a secure and trustedenvironment for users. In this paper, we provide an objective overview of5G security issues and theexisting and newly proposed technologies designed to secure the5G environment. We categorize securitytechnologies usingOpen Systems Interconnection (OSI)layers and, for each layer, we discuss vulnerabilities,threats, security solutions, challenges, gaps and open research issues. While we discuss all sevenOSIlayers, the most interesting findings are in layer one, the physical layer. In fact, compared to other layers,the physical layer between the base stations and users’ device presents increased opportunities for attackssuch as eavesdropping and data fabrication. However, no singleOSI layer can stand on its own to provideproper security. All layers in the5G must work together, providing their own unique technology in an effortto ensure security and integrity for5G data

Efficient Location Privacy In Mobile Applications

Location awareness is an essential part of today\u27s mobile devices. It is a well-established technology that offers significant benefits to mobile users. While location awareness has triggered the exponential growth of mobile computing, it has also introduced new privacy threats due to frequent location disclosures. Movement patterns could be used to identify individuals and also leak sensitive information about them, such as health condition, lifestyle, political/religious affiliations, etc. In this dissertation we address location privacy in the context of mobile applications. First we look into location privacy in the context of Dynamic Spectrum Access (DSA) technology. DSA is a promising framework for mitigating the spectrum shortage caused by fixed spectrum allocation policies. In particular, DSA allows license-exempt users to access the licensed spectrum bands when not in use by their respective owners. Here, we focus on the database-driven DSA model, where mobile users issue location-based queries to a white-space database in order to identify idle channels in their area. We present a number of efficient protocols that allow users to retrieve channel availability information from the white-space database while maintaining their location secret. In the second part of the dissertation we look into location privacy in the context of location-aware mobile advertising. Location-aware mobile advertising is expanding very rapidly and is forecast to grow much faster than any other industry in the digital era. Unfortunately, with the rise and expansion of online behavioral advertising, consumers have grown very skeptical of the vast amount of data that is extracted and mined from advertisers today. As a result, the consensus has shifted towards stricter privacy requirements. Clearly, there exists an innate conflict between privacy and advertisement, yet existing advertising practices rely heavily on non-disclosure agreements and policy enforcement rather than computational privacy guarantees. In the second half of this dissertation, we present a novel privacy-preserving location-aware mobile advertisement framework that is built with privacy in mind from the ground up. The framework consists of several methods which ease the tension that exists between privacy and advertising by guaranteeing, through cryptographic constructions, that (i) mobile users receive advertisements relative to their location and interests in a privacy-preserving manner, and (ii) the advertisement network can only compute aggregate statistics of ad impressions and click-through-rates. Through extensive experimentation, we show that our methods are efficient in terms of both computational and communication cost, especially at the client side

Preserving Users’ Location Privacy in Mobile Platforms

Mobile and interconnected devices both have witnessed rapid advancements in computing and networking capabilities due to the emergence of Internet-of-Things, Connected Societies, Smart Cities and other similar paradigms. Compared to traditional personal computers, these devices represent moving gateways that offer possibilities to influence new businesses and, at the same time, have the potential to exchange users’ sensitive data. As a result, this raises substantial threats to the security and privacy of users that must be considered. With the focus on location data, this thesis proposes an efficient and socially-acceptable solution to preserve users’ location privacy, maintaining the quality of service, and respecting the usability by not relying on changes to the mobile app ecosystem. This thesis first analyses the current mobile app ecosystem as to apply a privacy-bydesign approach to location privacy from the data computation to its visualisation. From our analysis, a 3-Layer Classification model is proposed that depicts the state-ofthe- art in three layers providing a new perspective towards privacy-preserving locationbased applications. Secondly, we propose a theoretically sound privacy-enhancing model, called LP-Cache, that forces the mobile app ecosystem to make location data usage patterns explicit and maintains the balance between location privacy and service utility. LP-Cache defines two location privacy preserving algorithms: on-device location calculation and personalised permissions. The former incorporates caching technique to determine the location of client devices by means of wireless access points and achieve data minimisation in the current process. With the later, users can manage each app and private place distinctly to mitigate fundamental location privacy threats, such as tracking, profiling, and identification. Finally, PL-Protector, implements LP-Cache as a middleware on Android platform. We evaluate PL-Protector in terms of performance, privacy, and security. Experimental results demonstrate acceptable delay and storage overheads, which are within practical limits. Hence, we claim that our approach is a practical, secure and efficient solution to preserve location privacy in the current mobile app ecosystem